Class AudienceClaimValidator
java.lang.Object
io.micronaut.security.oauth2.endpoint.token.response.validation.AudienceClaimValidator
- All Implemented Interfaces:
OpenIdClaimsValidator
@Requires(property="micronaut.security.oauth2.openid.claims-validation.audience",
notEquals="false")
@Singleton
public class AudienceClaimValidator
extends Object
implements OpenIdClaimsValidator
ID Token Audience validator.
The Client MUST validate that the aud (audience) Claim contains its client_id value registered at the Issuer identified by the iss (issuer) Claim as an audience. The aud (audience) Claim MAY contain an array with more than one element. The ID Token MUST be rejected if the ID Token does not list the Client as a valid audience, or if it contains additional audiences not trusted by the Client.
- Since:
- 1.2.0
- Author:
- Sergio del Amo
- See Also:
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionboolean
validate
(OpenIdClaims claims, OauthClientConfiguration clientConfiguration, OpenIdProviderMetadata providerMetadata)
-
Constructor Details
-
AudienceClaimValidator
public AudienceClaimValidator()
-
-
Method Details
-
validate
public boolean validate(OpenIdClaims claims, OauthClientConfiguration clientConfiguration, OpenIdProviderMetadata providerMetadata) - Specified by:
validate
in interfaceOpenIdClaimsValidator
- Parameters:
claims
- ID Token ClaimsclientConfiguration
- OAuth 2.0 Client ConfigurationproviderMetadata
- OpenID Connect provider metadata- Returns:
- Whether the JWT Claims pass validation or not.
-